locked
Remote Access " Warning Unknown Publisher" RRS feed

  • Question

  • I posted this on WGS forum and received a reply suggesting I added this problem to an outstanding bug log on Connect. I have looked and can't seem to find anything relevent could somebody please help. I would like to get this issue resolved if not now sometime in the future.

    When I remote access via https homeserver domain I can log on and access my shares without any difficulty. When I then try to connect to server I always receive a warning "Allow the remote computer to access the following resources on my computer". If I acknowledge this message promptly by clicking on Connect, the connection is established and everything works normally. It is not client related, it happens with any client. Can somebody explain why am I getting this warning and how can I prevent it from occurring every time I connect?

    I have a snip image of the dialog box but can't work out how to attach here.
    Thanks guys.

    Alan
    Thursday, May 14, 2009 12:01 PM

Answers

  • Hi Alan,
    I have seen your sceenshot on WGS, so it may be the resolution posted on mydigitallife.info helps.
    Best greetings from Germany
    Olaf
    Thursday, May 14, 2009 12:08 PM
    Moderator
  • Yes, everyone sees this. You're being warned because the server side of the Remote Desktop connection doesn't have a certificate, and (in Remote Desktop client 6.1) that triggers the warning. for more information see e.g. this thread in the Windows Server forums.

     As for "fixing" the issue, probably no amount of bug reports and validations is going to do that. Everything is working as designed right now. The "fix" would be to sign the connection, but I don't know that it's possible for Windows Home Server to do that automatically.

    Edit:
    And for your amusement, I've submitted a product suggestion on Connect. Feel free to vote and validate. :)

    I'm not on the WHS team, I just post a lot. :)
    Thursday, May 14, 2009 4:04 PM
    Moderator

All replies

  • Hi Alan,
    I have seen your sceenshot on WGS, so it may be the resolution posted on mydigitallife.info helps.
    Best greetings from Germany
    Olaf
    Thursday, May 14, 2009 12:08 PM
    Moderator
  • Hi Olaf

    Thanks for your swift reply...wow

    If it's "normal" does that mean everybody receives this message? I'm aware it's not critical and everything still works as intended but in reality it does need fixing and I just want to add my occurrence to that other folks are experiencing the same problem. The more people who report this issue the greater the chance it will get fixed. Is there a bug log of some sort I can append to?

    Cheers

    Alan

    Thursday, May 14, 2009 12:25 PM
  • Hi Olaf

    Thanks for your post, I'll check it out but will be tomorrow now.

    Thanks again, I'll post the outcome.

    Alan

    Thursday, May 14, 2009 12:47 PM
  • Yes, everyone sees this. You're being warned because the server side of the Remote Desktop connection doesn't have a certificate, and (in Remote Desktop client 6.1) that triggers the warning. for more information see e.g. this thread in the Windows Server forums.

     As for "fixing" the issue, probably no amount of bug reports and validations is going to do that. Everything is working as designed right now. The "fix" would be to sign the connection, but I don't know that it's possible for Windows Home Server to do that automatically.

    Edit:
    And for your amusement, I've submitted a product suggestion on Connect. Feel free to vote and validate. :)

    I'm not on the WHS team, I just post a lot. :)
    Thursday, May 14, 2009 4:04 PM
    Moderator
  • Hi Ken,
    according to this posting Alans warning is not the certificate warning, but something else.

    And ... while I get the certificate warning on my work PC with Windows 7, if I try to open a RDP connection to my server at home, I do not see the warning, if I open a Remote Desktop session to a WHS in another small office from my home.

    Best greetings from Germany
    Olaf
    Thursday, May 14, 2009 6:34 PM
    Moderator
  • Olaf, the warning in the yellow box at the top is because of a missing or unrecognized certificate. See e.g. TS RemoteApp Step-by-Step Guide on Technet.

    Note to OP: please don't follow that link and try to do anything until someone braver or foolhardier than you (Me? Olaf? Almost any WHS MVP is probably overqualified. :) ) has had a chance to mess their server up with it first.

    I'm not on the WHS team, I just post a lot. :)
    Thursday, May 14, 2009 6:54 PM
    Moderator
  • Yes, everyone sees this.

    That's not true, Ken.  I have 2 computers at work.  My new computer (a couple months old) had that pop-up while my old one (7 years old) didn't.  (That probably stems back from the fact that I installed my certificate on my old computer way back in the day, before MS added the GoDaddy certificate to WHS.)

    You're being warned because the server side of the Remote Desktop connection doesn't have a certificate, and (in Remote Desktop client 6.1) that triggers the warning. for more information see e.g. this thread in the Windows Server forums.

    As for "fixing" the issue, probably no amount of bug reports and validations is going to do that. Everything is working as designed right now. The "fix" would be to sign the connection, but I don't know that it's possible for Windows Home Server to do that automatically.

    While it's working as designed, I found it to be irritating.  So I dug around in both computers and found the difference and the "fix": my old computer was using msrdp.ocx to establish the RDC while my new computer was using mstscax.dll.  The "fix" for me was to copy msrdp.ocx to my new computer (C:\Windows\system32), then register it (regsvr32 msrdp.ocx).  Voila, no more pop-ups. :)  Note that both PCs were XP 32-bit.  I just tried it on 7 RC 64-bit, no luck there (couldn't register msrdp.ocx), so it may only work on XP or it may only work on a 32-bit OS (I would guess it's the latter).  And, as always, YMMV.

    EDIT:  I just tried it on 7 RC 32-bit.  It allowed me to register the ocx file, but it still didn't work.  This "fix" must be limited to XP only.

    Edit:
    And for your amusement, I've submitted a product suggestion on Connect. Feel free to vote and validate. :)

    I'm not on the WHS team, I just post a lot. :)

    Sunday, May 17, 2009 5:59 PM
    Moderator
  • ...
    my old computer was using msrdp.ocx to establish the RDC while my new computer was using mstscax.dll. The "fix" for me was to copy msrdp.ocx to my new computer (C:\Windows\system32), then register it (regsvr32 msrdp.ocx).  Voila, no more pop-ups. :)
    ...
    Check and see what version of the Remote Desktop client you have on that old computer.

    What I think you did was take the Remote Desktop .ocx which was distributed with older versions of the remote desktop client (5.x?) and register it on top of a newer version (6.x?). The .ocx doesn't have the same security checks that the newer .ax does. The replacement is not advisable, I'm afraid.

    Clever hack, though I'd rather Microsoft made it possible to disable the popup though code.

    Edit: Oh, yes, the ocx will not work on a 64 bit OS. It's 32 bit only. Sorry. :)

    I'm not on the WHS team, I just post a lot. :)
    Monday, May 18, 2009 5:07 PM
    Moderator
  • Check and see what version of the Remote Desktop client you have on that old computer.

    It is now 6.0 (although I added the cert on the old computer before I upgraded from RDC 5.x to 6.0).

    What I think you did was take the Remote Desktop .ocx which was distributed with older versions of the remote desktop client (5.x?) and register it on top of a newer version (6.x?). The .ocx doesn't have the same security checks that the newer .ax does.

    That was my thought as well.  What seems odd though is that even though I upgraded to RDC 6.0 on the old computer, it was still using msrdp.ocx.

    The replacement is not advisable, I'm afraid.

    Yeah, I know.  I just thought I would throw it out there. :)

    Clever hack, though I'd rather Microsoft made it possible to disable the popup though code.

    Edit: Oh, yes, the ocx will not work on a 64 bit OS. It's 32 bit only. Sorry. :)
    I'm not on the WHS team, I just post a lot. :)

    I didn't figure the ocx file would work on 7 RC 64-bit.  I was kind of thinking (I guess wishful thinking :)  ) it would on 7 RC 32-bit, but it didn't work there either.  (I didn't try Vista 32-bit, but I would be absolutely shocked if it worked on that since Vista and 7 are so similar.)
    Monday, May 18, 2009 11:55 PM
    Moderator
  • Hi guys

     

    I have been reading the various posts in the background and trying to understand the different scenarios and potential solutions. I’m a complete novice as far as WHS and remote access in concerned, but learning.

     

    Can somebody please explain the difference between “Remote Desktop Connection” and “Remote Access to Windows Home Server Console” via https homeserver domain or are they the same thing?

     

    Sorry if I appear to be a bit of a numpty!

     

     

     

    Tuesday, May 19, 2009 10:38 AM
  • Hi,
    while Remote Desktop Connection is using a separate program (from Start/All Programs\Accessories on the client) remote access to WHS console is involving Internet Explorer, embedded ActiveX controls and the Internet Explorer security settings.
    Best greetings from Germany
    Olaf
    Tuesday, May 19, 2009 12:21 PM
    Moderator
  • Hi Olaf,

     

    Thank you for the explanation it is clear now. I can RDC to my WHS from within my network but not over the internet, I thinkI need to forward port 3389 to the IP of my WHS box to get that working as a backup connection method. I will give that a try at the weekend (I work away as a contractor WHS is ideal since I can easily access my shares from just about anywhere).

     

    Meantime for maintenance issues (health checking etc.) I’ll continue to connect to my WHS using remote console via my domain and put up with warnings created by the certificate issue to which there seems to be no definitive fix.

     

    I still can’t understand why only "some" WHS users have this issue?

    Is it specific tho the homeserver domain and GoDaddy?

    Is it worth changing my domain and buying a certificate?


    I hate problems I don't fully understand and fix, very frustrating, even though the issue is non critical there shouldn't be an issue, period.  WHS is targeted at Joe public and IMHO MS should not assume the average Joe is an expert in security, certificates, network connectivity etc.


    Having said that WHS is brilliant for my needs.

    Cheers

    Tuesday, May 19, 2009 1:18 PM
  • ...
    I still can’t understand why only "some" WHS users have this issue? 


    Is it specific tho the homeserver domain and GoDaddy?

    Is it worth changing my domain and buying a certificate?
    ...

    Really, at this point practically every Windows Home Server user probably has this issue. Those that don't have probably (at some point in the past) tweaked the systems that don't have the issue in some way; the most likely tweak is re-registering the .ocx after some update disabled it in favor of the newer .ax.

    It's not specific to GoDaddy, and it's not worth buying a certificate (which you would have to install, not the easiest task).

    As for fixing the warning, it appears by design, so there is no supported "fix" for it. It doesn't indicate a problem; it's like a lot of other security warnings in that, should you see it at a time you don't expect to, you'll have some reason to believe there's an attempt to gain unauthorized access to something.

    I'm not on the WHS team, I just post a lot. :)
    Tuesday, May 19, 2009 4:44 PM
    Moderator
  • I can RDC to my WHS from within my network but not over the internet, I thinkI need to forward port 3389 to the IP of my WHS box to get that working as a backup connection method. I will give that a try at the weekend (I work away as a contractor WHS is ideal since I can easily access my shares from just about anywhere).

    to use Remote Desktop connection to your server over the Internet (which is unsupported and may open another attackable face to the Internet) you will need to perform port forwarding for port 3389 in your router and change the scope of the Windows Home Server firewall for the Remote Desktop exception to allow connections from everywhere.
    Best greetings from Germany
    Olaf
    Tuesday, May 19, 2009 7:10 PM
    Moderator
  • Thanks for your replies guys

    At this time WHS reminds me of the times I had trying to establish my first web connection way back in the 70s, having to fiddle about with winsock etc. was the order of the day. Today I can connect to the web just about anywhere, I’m here on a mobile broadband connection typing this now but do think ..........Oh perhaps I'm expecting too much of WHS too soon.

    Thanks for your help guys:)

    • Marked as answer by Skyfury Wednesday, May 20, 2009 12:43 PM
    • Unmarked as answer by Skyfury Wednesday, May 20, 2009 12:43 PM
    Wednesday, May 20, 2009 12:43 PM